Hacker News new | past | comments | ask | show | jobs | submit login

30 years ago you could just sniff the passwords on the local subnet because everyone was using telnet and ftp in the clear.





20 years ago you could also sniff passwords for all Windows users in the same subnet as you. Windows used the NTLM scheme which was known to be weak even back then. An AMD K6 running overnight cracked almost all of them at my university's lab, including the Active Directory domain admin.

An NT hash can be used as a credential all by itself, no need to crack those ;)



Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: